To create a self-signed SSL certificate on Nginx for CentOS or Red Hat Enterprise Linux, you can use the OpenSSL tool. Here’s an example of how to do this:
- Install OpenSSL:
# yum install openssl
- Create a directory to store the SSL certificate:
mkdir /etc/nginx/ssl
- Change to the directory:
cd /etc/nginx/ssl
- Generate the SSL certificate:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
- Enter the required information, such as the country, state, city, and so on. The common name should be the fully-qualified domain name (FQDN) of your Nginx server.
- Add the following configuration to your Nginx server block:
server {
listen 443 ssl;
server_name your_domain.com;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
...
}
- Replace “your_domain.com” with the actual domain name.
- Restart Nginx to apply the changes:
# service nginx restart
Note: Keep in mind that a self-signed certificate is not trusted by browsers, so you will get a warning when visiting your site. If you need a trusted certificate, you need to purchase one from a certificate authority (CA).